[PATCH v4] arm64: kernel: implement fast refcount checking
Kees Cook
keescook at chromium.org
Mon Jul 31 14:16:21 PDT 2017
On Mon, Jul 31, 2017 at 12:22 PM, Ard Biesheuvel <ard.biesheuvel at linaro.org> wrote:
> v4: Implement add-from-zero checking using a conditional compare rather than
> a conditional branch, which I omitted from v3 due to the 10% performance
> hit: this will result in the new refcount being written back to memory
> before invoking the handler, which is more in line with the other checks,
> and is apparently much easier on the branch predictor, given that there
> is no performance hit whatsoever.
So refcount_inc() and refcount_add(n, ...) will write 1 and n
respectively, then hit the handler to saturate? That seems entirely
fine to me: checking inc-from-zero is just a protection against a
possible double-free condition. It's still technically a race, but a
narrow race on a rare condition is better than being able to always
win it.
Nice!
-Kees
--
Kees Cook
Pixel Security
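The semantics being agreed on above (the new count is written back first, then the handler saturates; an increment that finds the count at zero is treated as a use-after-free and never lets the object be freed again) can be modelled in portable userspace C. The block below is an added example, not the arm64 patch's code and not Kees's or Ard's; it uses C11 atomics instead of the conditional-compare assembly, and the value of REFCOUNT_SATURATED, the fault enum and the helper names are assumptions made for this model.

```c
/* Userspace model of refcount_t saturation checking (added example, not
 * kernel code). C11 atomics stand in for the arm64 conditional-compare
 * sequence; REFCOUNT_SATURATED and the fault codes are assumed values. */
#include <limits.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed saturation point: strongly negative, so every later add or sub
 * still produces a negative result and lands in the handler again. */
#define REFCOUNT_SATURATED (INT_MIN / 2)

typedef struct { atomic_int refs; } refcount_t;

enum refcount_fault {
    REFCOUNT_OK = 0,
    REFCOUNT_ADD_FROM_ZERO,   /* inc/add found the count at 0: double free / UAF */
    REFCOUNT_OVERFLOW,        /* add carried the count negative */
    REFCOUNT_UNDERFLOW,       /* dec took the count below zero */
};

static void refcount_set(refcount_t *r, int n) { atomic_store(&r->refs, n); }
static int  refcount_read(const refcount_t *r) { return atomic_load(&r->refs); }

/* The handler runs only after the bad value is already in memory (as in v4).
 * It pins the count at the saturation value so the object leaks rather than
 * being freed; an already-saturated count is re-pinned but reported only once. */
static enum refcount_fault refcount_handler(refcount_t *r, int old,
                                            enum refcount_fault why)
{
    atomic_store(&r->refs, REFCOUNT_SATURATED);
    return old == REFCOUNT_SATURATED ? REFCOUNT_OK : why;
}

static enum refcount_fault refcount_add(int n, refcount_t *r)
{
    /* C11 atomic add on a signed int wraps silently; old+n is now visible
     * to every other CPU before any check below runs. */
    int old = atomic_fetch_add(&r->refs, n);
    int new = (int)((unsigned)old + (unsigned)n);   /* wrapped value, same as memory */

    if (old == 0)                                   /* the v4 add-from-zero check */
        return refcount_handler(r, old, REFCOUNT_ADD_FROM_ZERO);
    if (new < 0)                                    /* sign flip: overflow (or stays saturated) */
        return refcount_handler(r, old, REFCOUNT_OVERFLOW);
    return REFCOUNT_OK;
}

static enum refcount_fault refcount_inc(refcount_t *r) { return refcount_add(1, r); }

/* Returns true when this drop took the count to zero (caller frees). A drop
 * below zero is an underflow: saturate and report, never return true. */
static bool refcount_dec_and_test(refcount_t *r, enum refcount_fault *fault)
{
    int old = atomic_fetch_sub(&r->refs, 1);
    int new = (int)((unsigned)old - 1u);

    if (new < 0) {
        *fault = refcount_handler(r, old, REFCOUNT_UNDERFLOW);
        return false;
    }
    *fault = REFCOUNT_OK;
    return new == 0;
}

/* Constructed scenario: the last reference is dropped (object "freed"), then a
 * stale pointer takes a new reference. The inc writes 1 back to memory and then
 * the handler saturates it; the returned fault is what a kernel WARN would show. */
static enum refcount_fault stale_inc_after_free(void)
{
    refcount_t r;
    enum refcount_fault f;

    refcount_set(&r, 1);
    if (!refcount_dec_and_test(&r, &f))   /* 1 -> 0: true, object would be freed here */
        return REFCOUNT_OK;               /* not reached in this scenario */
    return refcount_inc(&r);              /* 0 -> 1 written, then saturated */
}

int main(void)
{
    refcount_t r;
    refcount_set(&r, INT_MAX);
    printf("inc from INT_MAX: fault=%d count=%d\n", refcount_inc(&r), refcount_read(&r));
    printf("stale inc after free: fault=%d\n", stale_inc_after_free());
    return 0;
}
```

The window Kees calls "technically a race" is visible in the model: between atomic_fetch_add returning and refcount_handler's store, another thread can observe the count as 1 and treat the freed object as live. The check does not close that window; it turns an always-winnable double free into a narrow race that also leaves a saturated, leaked object behind as evidence.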